Crate crypto_secretstream

Usage

use crypto_secretstream::*;
use rand_core::OsRng;

// Generate a key
let key = Key::generate(&mut OsRng);

// Use some additional data
let some_additional_data = b"It needs to be known in advance";

//
// Send messages
//

// Create a stream to send messages, receive an header to send to the other
// side (it can be known by a thirdparty without security issue).
let (header, mut push_stream) = PushStream::init(&mut rand_core::OsRng, &key);

// Messages to send
let mut first_message = Vec::from(&b"Top secret message we're encrypting"[..]);
let mut second_message = Vec::from(&b"Which can be followed by other messages"[..]);

// Encrypt the messages using the stream
push_stream.push(&mut first_message, &[], Tag::Message).unwrap();
push_stream.push(&mut second_message, some_additional_data, Tag::Final).unwrap();

//
// Receive messages
//

// Create a stream to receive messages
let mut pull_stream = PullStream::init(header, &key);

// Decrypt the ciphertexts using the stream
let first_tag = pull_stream.pull(&mut first_message, &[]).unwrap();
let second_tag = pull_stream.pull(&mut second_message, some_additional_data).unwrap();

assert_eq!(first_message, b"Top secret message we're encrypting");
assert_eq!(first_tag, Tag::Message);
assert_eq!(second_message, b"Which can be followed by other messages");
assert_eq!(second_tag, Tag::Final);

Re-exports

• pub use aead;

Modules

• errors
  Errors generated by this crate.

Structs

• Header
  Header of the secret stream, can be sent as cleartext.
• Key
  Symmetric key used by crate::PushStream and crate::PullStream.
• PullStream
  Stream that can decrypt messages encrypted by crate::PushStream
• PushStream
  Stream that can encrypt messages to be decrypted by crate::PullStream
• Stream
  AEAD for libsodium’s secretstream. Better to use PushStream & PullStream as these take care of rekeying and computing the next nonce.

Enums

• Tag
  Tag is attached to each message, which can change the state of the stream.